Add a GSH report to 401.1

docker · Feb 14, 2022 · 5b0ae6b · 5b0ae6b
1 parent 3a43715
commit 5b0ae6b
Showing 2 changed files with 88 additions and 22 deletions.
diff --git a/docs/copy-paste-markdown/401.1.md b/docs/copy-paste-markdown/401.1.md
@@ -53,27 +53,43 @@ Another way to get the non-Faculty/Staff users is to use a membership filter. Us
 
 Before going live with the new group, we want to have the current exceptions looked at
 
-* Export the membership of _test:vpn:vpn_legacy_exceptions_ (More actions -> Export Members)
+* Grant READ to Networking Staff (basis:hr:employee:dept:10906:staff)
+* Export the membership of test:vpn:vpn_legacy_exceptions (More actions -> Export Members)
 
-### Get a list of current exceptions (Extra)
+### Hands on: Get a list of current exceptions (better)
 
-If the exception list is long, it will speed up review by listing the basis groups for each user
-
-* Run the SQL query from the Copy/paste to summarize basis groups for the exceptions
+The membership export only retrieves the subject IDs and names. A superior version would add more LDAP attributes, plus would be kept up to date
 
+* In vpn_legacy_exceptions, add a report (More actions -> Reports -> Add Report)
+    * Config type: GSH
+    * Config format: CSV
+    * Report name: `vpnLegacyExceptions`
+    * File name: `vpnLegacyExceptions_$$timestamp$$.csv`
+    * Description: `Members of the vpn legacy exceptions group, with extra LDAP fields`
+    * Viewers group id: `basis:hr:employee:dept:10906:staff`
+    * Quartz cron: sec min hr * * ? (set to 1 minute in the future)
+    * Send email: no
+    * Store report if no results: No
+    * GSH script:
 
 ```
-select distinct M.subject_id, M.subject_identifier0, M.name, group_concat(distinct G.display_extension) as "Basis Groups" from grouper_memberships_all_v V
-join grouper_members M on V.member_id = M.id
-join grouper_groups G on V.owner_group_id = G.id
-where (G.name like 'basis:hr:employee:dept:%' or G.name like 'basis:sis:prog_status:year:%')
-and M.subject_source = 'eduLDAP'
-and M.subject_id in (
-  select distinct subject_id from grouper_memberships_all_v V
-  join grouper_members M on V.member_id = M.id
-  join grouper_groups G on V.owner_group_id = G.id
-  where G.name = 'test:vpn:vpn_legacy_exceptions'
-  and M.subject_source = 'eduLDAP'
-) group by M.subject_id
-order by M.subject_id;
+Group g = gsh_builtin_gshReportRuntime.ownerGroup
+GrouperReportData grouperReportData = gsh_builtin_gshReportRuntime.grouperReportData
+
+grouperReportData.headers = ['Row', 'ID', 'UID', 'Name', 'Email']
+grouperReportData.data = new ArrayList<String[]>()
+
+g.members.eachWithIndex { it, i ->
+    String[] row = [
+            i+1,
+            it.subject.getAttributeValue('employeenumber'),
+            it.subject.getAttributeValue('uid'),
+            it.subject.getAttributeValue('cn'),
+            it.subject.getAttributeValue('mail'),
+    ]
+
+    grouperReportData.data << row
+}
 ```
+
+* Wait for the report to run, view the results
diff --git a/ex401/ex401.end/container_files/seed-data/bootstrap.gsh b/ex401/ex401.end/container_files/seed-data/bootstrap.gsh
@@ -1,13 +1,16 @@
+import edu.internet2.middleware.grouper.app.attestation.*;
+import edu.internet2.middleware.grouper.app.grouperTypes.*
+import edu.internet2.middleware.grouper.app.provisioning.GrouperProvisioningAttributeNames
+import edu.internet2.middleware.grouper.app.provisioning.GrouperProvisioningSettings
+import edu.internet2.middleware.grouper.app.reports.GrouperReportConfigAttributeNames
+import edu.internet2.middleware.grouper.app.reports.GrouperReportSettings
 import edu.internet2.middleware.grouper.grouperUi.beans.ui.GrouperNewServiceTemplateLogic
 import edu.internet2.middleware.grouper.grouperUi.beans.ui.GrouperTemplatePolicyGroupLogic
 import edu.internet2.middleware.grouper.grouperUi.beans.ui.ServiceAction
 import edu.internet2.middleware.grouper.grouperUi.beans.ui.StemTemplateContainer
-import edu.internet2.middleware.grouper.app.grouperTypes.*
-import edu.internet2.middleware.grouper.app.provisioning.GrouperProvisioningAttributeNames
-import edu.internet2.middleware.grouper.app.provisioning.GrouperProvisioningSettings
-import edu.internet2.middleware.grouper.app.attestation.*;
 import java.text.SimpleDateFormat;
 
+
 GrouperSession gs = GrouperSession.start(SubjectFinder.findByIdentifierAndSource("banderson", "eduLDAP", true))
 
 /* Creating a class for methods helps with gsh from the command line, which can't do functions called from other functions */
@@ -195,6 +198,53 @@ vpnLegacyExceptions.assignCompositeMember(CompositeType.COMPLEMENT, vpnLegacyGro
 
 println "${vpnLegacyExceptions.extension}: Person subjects = ${HelperMethods.countPersonSubjects(vpnLegacyExceptions)}"
 
+
+// Grant privs to networking staff, add a report
+Subject networkingStaff = SubjectFinder.findByIdentifierAndSource("basis:hr:employee:dept:10906:staff", "g:gsa", false);
+vpnLegacyExceptions.grantPriv(networkingStaff, Privilege.READ, false)
+
+AttributeAssign attributeAssign = vpnLegacyExceptions.attributeDelegate.assignAttribute(GrouperReportConfigAttributeNames.retrieveAttributeDefNameBase()).getAttributeAssign()
+attributeAssign.attributeValueDelegate.with {
+    assignValue(GrouperReportSettings.reportConfigStemName() + ":" + GrouperReportConfigAttributeNames.GROUPER_REPORT_CONFIG_NAME, "vpnLegacyExceptions")
+    assignValue(GrouperReportSettings.reportConfigStemName() + ":" + GrouperReportConfigAttributeNames.GROUPER_REPORT_CONFIG_TYPE, "GSH")
+    assignValue(GrouperReportSettings.reportConfigStemName() + ":" + GrouperReportConfigAttributeNames.GROUPER_REPORT_CONFIG_FORMAT, "CSV")
+    assignValue(GrouperReportSettings.reportConfigStemName() + ":" + GrouperReportConfigAttributeNames.GROUPER_REPORT_CONFIG_FILE_NAME, 'vpnLegacyExceptions_$$timestamp$$.csv')
+    assignValue(GrouperReportSettings.reportConfigStemName() + ":" + GrouperReportConfigAttributeNames.GROUPER_REPORT_CONFIG_DESCRIPTION, "Members of the vpn legacy exceptions group, with extra LDAP fields")
+    assignValue(GrouperReportSettings.reportConfigStemName() + ":" + GrouperReportConfigAttributeNames.GROUPER_REPORT_CONFIG_VIEWERS_GROUP_ID, networkingStaff.id)
+    assignValue(GrouperReportSettings.reportConfigStemName() + ":" + GrouperReportConfigAttributeNames.GROUPER_REPORT_CONFIG_QUARTZ_CRON, "0 0 6 * * ?")
+    assignValue(GrouperReportSettings.reportConfigStemName() + ":" + GrouperReportConfigAttributeNames.GROUPER_REPORT_CONFIG_SEND_EMAIL, "false")
+    assignValue(GrouperReportSettings.reportConfigStemName() + ":" + GrouperReportConfigAttributeNames.GROUPER_REPORT_CONFIG_STORE_WITH_NO_DATA, "false")
+    assignValue(GrouperReportSettings.reportConfigStemName() + ":" + GrouperReportConfigAttributeNames.GROUPER_REPORT_CONFIG_ENABLED, "true")
+    //skipped: reportConfigEmailBody
+    //skipped: reportConfigSendEmailWithNoData
+    //skipped: reportConfigEmailSubject
+    //skipped: reportConfigSendEmailToViewers
+    //skipped: reportConfigQuery
+    //skipped: reportConfigSendEmailToGroupId
+
+    assignValue(GrouperReportSettings.reportConfigStemName() + ":" + GrouperReportConfigAttributeNames.GROUPER_REPORT_CONFIG_SCRIPT, '''
+        Group g = gsh_builtin_gshReportRuntime.ownerGroup
+        GrouperReportData grouperReportData = gsh_builtin_gshReportRuntime.grouperReportData
+
+        grouperReportData.headers = ['Row', 'ID', 'UID', 'Name', 'Email']
+        grouperReportData.data = new ArrayList<String[]>()
+
+        g.members.eachWithIndex { it, i ->
+            String[] row = [
+                    i+1,
+                    it.subject.getAttributeValue('employeenumber'),
+                    it.subject.getAttributeValue('uid'),
+                    it.subject.getAttributeValue('cn'),
+                    it.subject.getAttributeValue('mail'),
+            ]
+
+            grouperReportData.data << row
+        }
+        '''.stripIndent())
+}
+
+
+
 // Create app template
 
 HelperMethods.newApplicationTemplate(StemFinder.findByName(gs, "app", true),